logo

Privacy Policy

Last updated: 25 April 2026

This Privacy Policy explains how Tyrun BV (“TYRUN”, “we”, “us”) collects, uses and protects personal data when you visit our website, contact us, subscribe to our newsletter, register interest in our affiliate/partner programme, buy or manage tickets, or otherwise interact with TYRUN.

1. Who we are

The controller of your personal data is:

Tyrun BV
Company number / VAT: BE 0770.444.274
Registered address: Caudenberg 11, 9570 Lierde, Belgium
Privacy contact: [privacy/contact email]

2. What personal data we process

Depending on how you interact with us, we may process:

Website and technical data

  • IP address, device/browser data, pages visited, referrer URL, timestamps and approximate location.
  • Cookie identifiers, analytics identifiers and advertising identifiers, where applicable and with consent where required.

Contact form data

  • Name, email address, phone number, subject and message.

Newsletter data

  • Email address and preferred language/locale.

Affiliate/partner application data

  • Club or box name, contact person, email address, phone number, address, postal code, city, country, club type, approximate number of members, website and message.
  • Internal notes, affiliate/discount code, commission/discount settings and onboarding status if an application is approved.

Ticketing and event data

  • Data needed to manage event participation, ticket purchases, checkout and customer support.
  • Where ticketing is handled by a third-party ticketing provider, that provider may also process your order and payment data under its own privacy policy.

Marketing and conversion data

  • If consent is given, we may use tools such as Google Analytics, Meta Pixel and Meta Conversions API.
  • For Meta conversion events, some identifiers such as email, phone, name, city/country, IP address, user agent and Meta cookie IDs may be hashed or otherwise prepared before being sent to Meta.

Admin/account data

  • If you are an authorised TYRUN admin or collaborator, we may process login, email and access data needed to operate the website CMS and internal tools.

3. Why we process your data and legal bases

We process personal data for the following purposes:

PurposeDataLegal basis

Operating and securing the website

Technical logs, anti-spam tokens, security data

Legitimate interests

Responding to contact requests

Contact form data

Legitimate interests or steps before a contract

Sending newsletters

Email, language preference

Consent

Managing newsletter unsubscribe requests

Email

Legal obligation and legitimate interests

Managing affiliate applications

Affiliate form data

Steps before a contract and legitimate interests

Managing approved affiliate partners

Affiliate profile, commission/discount settings, internal notes

Contract and legitimate interests

Publishing approved partner/club listings

Public club profile data such as club name, city, website, logo and description

Contract or legitimate interests

Managing tickets and events

Order, customer and participation data

Contract

Accounting, tax and legal administration

Invoices, order/admin records

Legal obligation

Analytics and website improvement

Analytics/cookie data

Consent where required

Advertising measurement and conversion tracking

Meta/Google identifiers, event data

Consent where required

Preventing fraud, spam and misuse

Honeypot fields, timing checks, technical data

Legitimate interests

We do not use your data for solely automated decisions that produce legal or similarly significant effects for you.

4. Cookies and tracking technologies

Our website may use cookies, pixels, scripts, local/session storage and similar technologies.

Essential technologies are used to make the website work, secure forms, prevent spam and remember technical choices. These are processed based on our legitimate interests.

Non-essential technologies, such as analytics, advertising pixels and conversion tracking, are used only where legally allowed and, where required, after your consent. These may include:

  • Google Analytics / Google Tag scripts.
  • Meta Pixel and Meta Conversions API.
  • Atleta ticketing or checkout tracking integrations.
  • Google Maps scripts when map features are used.

You can manage or withdraw cookie consent through the cookie banner or cookie settings where available. You can also block cookies through your browser settings, but some website functions may not work correctly.

5. Newsletter

If you subscribe to the newsletter, we use your email address and language preference to send TYRUN updates. You can unsubscribe at any time using the unsubscribe link in the email or by contacting us.

Withdrawing consent does not affect processing that happened before withdrawal.

6. Contact and affiliate forms

When you submit a contact or affiliate form, we use your data to respond, review your request and keep an internal record.

Affiliate applications may be stored in our CMS and, if approved, transferred to our CRM tools such as Notion. Approved partner data may also be used to create affiliate codes, manage commission/discount settings and display public club/partner information on the website.

7. Ticketing and third-party checkout

TYRUN may use third-party ticketing and checkout tools, including Atleta, to manage ticket sales, event registrations and checkout events. When you use those services, the ticketing provider may process personal data as an independent controller or processor, depending on the service. Payment details are typically processed by the payment/ticketing provider and not directly stored by TYRUN unless specifically needed for administration or legal obligations.

8. Who receives your data

We may share personal data with:

  • Website hosting and database providers.
  • CMS and infrastructure providers.
  • Email delivery providers, such as Resend.
  • Ticketing and checkout providers, such as Atleta.
  • CRM and internal workflow providers, such as Notion.
  • Analytics and advertising providers, such as Google and Meta, where enabled and consented to where required.
  • Map providers, such as Google Maps, when map features are used.
  • Professional advisers, accountants, legal advisers or authorities where required.
  • TYRUN staff, contractors and service providers who need access to perform their work.

We do not sell your personal data.

9. International transfers

Some service providers may process data outside the European Economic Area. Where this happens, we rely on appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, contractual protections or other measures required under GDPR.

10. How long we keep data

We keep personal data for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

For first-party data stored in TYRUN systems, including our CMS, CRM and internal administration, we may retain data for as long as there is an active relationship with you, an ongoing business need, a legal/accounting obligation, a security reason, or a potential dispute or claim.

Typical retention criteria are:

  • Contact requests: kept as long as needed to handle the request and maintain a useful history of communications.
  • Newsletter subscriptions: kept until you unsubscribe or withdraw consent.
  • Affiliate applications: kept for review, follow-up and internal administration. Approved affiliate/partner records are kept for as long as the partner relationship remains active and afterwards as needed for accounting, legal, contractual or dispute purposes.
  • Ticket/order/accounting records: kept as required by Belgian accounting, tax and legal obligations.
  • Website security and anti-spam data: kept as long as needed to protect the website and prevent misuse.
  • Analytics, advertising and cookie data: kept according to the relevant cookie/tool settings and your consent choices.

Where we no longer need personal data, we will delete it, anonymise it, or restrict access to it. You may also request deletion of your personal data, subject to legal, contractual and legitimate retention grounds.

11. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or disclosure. These include access controls, form validation, anti-spam protections, secure infrastructure and restricted admin access.

No online service can be guaranteed to be completely secure, but we take reasonable steps to protect your data.

12. Your rights

Under GDPR, you have the right to:

  • Access your personal data.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data.
  • Restrict processing.
  • Object to processing based on legitimate interests.
  • Withdraw consent at any time where processing is based on consent.
  • Request data portability where applicable.
  • Lodge a complaint with a supervisory authority.

To exercise your rights, contact us at [privacy/contact email]. We may ask for information to verify your identity. We normally respond within one month. If a request is complex, this period may be extended as allowed by GDPR.

13. Complaints

If you believe we have not handled your data correctly, please contact us first so we can try to resolve it.

You also have the right to lodge a complaint with the Belgian Data Protection Authority:

Gegevensbeschermingsautoriteit / Autorité de protection des données
Drukpersstraat 35 / Rue de la Presse 35
1000 Brussels, Belgium
Email: contact@apd-gba.be
Website: https://www.gegevensbeschermingsautoriteit.be

14. Children

Our website and services are not specifically directed at children. If we become aware that we have collected personal data from a child without appropriate consent where required, we will take steps to delete or restrict that data.

15. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website and will show the date of the latest update.

Privacy policy | Tyrun